Reading: Ethereum Just Shot Up $250 But Don’t Bet on That Resistance Breaking

Arbismart Logo
Ethereum

Ethereum Vulnerability Could Have Allowed Attackers to Drain Hot Wallets

Avatar

Georgi Georgiev | Nov 26, 2018 | 18:00

Poloniex suffers BitMEX style security breach Ethereum

Ethereum Vulnerability Could Have Allowed Attackers to Drain Hot Wallets

Avatar

Georgi Georgiev | Nov 26, 2018 | 18:00

Advertisement
Send
Share

A recent vulnerability in the Ethereum network could have reportedly allowed hackers to gain massive profits from cryptocurrency exchanges which haven’t set up a Gas usage limit.

A Critical Vulnerability

A group of researchers discovered a vulnerability in Ethereum which allowed attackers to drain exchanges by burning their ETH on high transaction costs or to benefit directly by minting GasToken.

The report details that exchanges which allow parties to withdraw ETH to arbitrary addresses without setting gas usage limit could have been exposed to increased transaction fees. According to the paper, there are two different options of exploiting this vulnerability.

The first option would allow the hacker to drain the unprotected exchange by making it pay for large amounts of transaction fees. The second option would allow the attacker to mint GasToken for substantial profits by simply imposing a small amount of GasToken as a tax for “naïve users.”

Issues Purportedly Patched

Reportedly, the vulnerability only affected exchanges which initiate Ethereum transactions and not such which process them. Furthermore, the report confirms that decentralized exchanges, as well as other venues operating on smart contract transactions initiated by users, remained unaffected. The report also outlined that EVM-based blockchains and Ethereum Classic may also be affected.

According to the official Medium publication, the researchers have already connected to a bulk of the affected exchanges which have supposedly patched the vulnerability.

Additionally, the researchers have given recommendations for exchanges to implement gas limits on all transactions.

Implement reasonable gas limits on all transactions. If any expensive transactions are made, ensure that the user bears the cost. Fees for a given withdrawal should always cover the gas needed. – reads the report.

What do you think of the recently discovered vulnerability and the lack of protection in certain exchanges? Don’t hesitate to let us know in the comments below!

Images courtesy Bitcoinist archives, Shutterstock.

BitStarz Player Lands $2,459,124 Record Win! Could you be next big winner?

Tags: , , , , ,
Send
Share
Show comments
The Dark Side of Ethereum
Ethereum

The Dark Side of Ethereum

For the last six years, Ethereum has dominated the smart contract landscape and has been arguably the only viable platform for launching decentralized applications (dApps) — due to...

Bitcoinist | 4 days ago
bitcoin ethereum
Ethereum

Economist: Ethereum To Repeat Bitcoin Rally To $20K, According To Metcalfe’s Law

Ethereum is now the second major cryptocurrency from the last bull run to break its former all-time high. One author and economist, however, claims that this is only the beginning of...

Tony Spilotro | 1 month ago
Ethereum, ETHUSD, ETHBTC, cryptocurrency
Ethereum

Ethereum Hits Three-Year High as Bitcoin Volatility Dims; Record Highs Ahead?

Ethereum (ETH) reached levels it last tested in January 2018 as a less volatile Bitcoin kept creating upside opportunities in the $105 billion altcoin market. The second-largest...

Yashu Gola | 1 month ago